Mozilla/Firefox Browsers Tar.GZ Archive Weak Permissions Vulnerability

Mozilla and Mozilla Firefox browsers tar.gz archive that contains the installation files is reported susceptible to an improper file permissions vulnerability. It is reported that if the archive is extracted in a certain manner, then the archive is extracted with world read/writeable permissions on its contents.

This allows attackers with local interactive access to overwrite or modify installation files used during the installation of the browser.


 

Privacy Statement
Copyright 2010, SecurityFocus